[mailto:yaowang2...@gmail.com]
Sent: Monday, November 18, 2013 5:09 AM
To: Jäkel, Guido
Cc: lxc-users@lists.sourceforge.net
Subject: Re: [Lxc-users] Bonding inside LXC container
Hi Jake,
First of all, thank you for your reply and I am very sorry for such a late
response.
Just as you said, I had ever
Dear Yao,
as I understand, you want to bound two physical interfaces of the host hardware
to and use the bound inside a container.
eth0--[phys]--eth0--+--bound0
eth1--[phys]--eth1--/
Because no other -- neither host nor another container -- may use one of NICs
in addition, I
Dear Andreas,
please substantiate your term start a lxc with multiple IPs and the line If
we are using only one IP for LXC, all is fine: What kind of network setup do
you use, is it e.g. a bridge on the lxc host and veth's on the containers?
A guess might be that you have a MAC address clash;
low value?
* Is the Host connected to a Switched Network? What did you observe here with
respect to the used MACs / IPs?
Greetings
Guido
-Original Message-
From: Andreas Laut [mailto:andreas.l...@spark5.de]
Sent: Friday, October 11, 2013 10:41 AM
To: Jäkel, Guido; 'lxc-users
Dear Kaj,
You step into a non-trivial trap. It will work either if your mount path inside
the container isn't 'mnt' or if you use lxc.pivotdir to define it to
something other than it default 'mnt'. To get rid of this problem, I'm using an
argument like '-s lxc.pivotdir=$CONTAINER' in my
Would injecting tcp rst really be necessary? In my test, doing ip link del
on the host side of the interface ALWAYS succeed, no matter
what the state the guest container's interface is.
Serge, do you have the particular commit ids for lxc.network.script.down
support? Backporting that would
Hi,
I want to contribute an observation while playing around with my empty plain
vanilla container template: The test cyclce is to start it, open an ssh
terminal session to it, leave it idle and regular shut down the container.
Now, if the containers eth0 is brought down by the shutdown, after
Quoting Jäkel, Guido (g.jae...@dnb.de):
Hi,
I want to contribute an observation while playing around with my empty
plain vanilla container template: The test cycle is to start it,
open an ssh terminal session to it, leave it idle and regular shut down the
container.
Now, if the containers
Dear Serge,
to assist to avoid such problems i would propose to introduce macro expansion
(of the own tags but also by incorporating the environment variables) into the
configuration argument parser and to provide some useful basics like the
container name. Then one may use e.g.
Hi Serge,
to assist to avoid such problems i would propose to introduce macro
expansion (of the own tags but also by incorporating the
environment variables) into the configuration argument parser and to provide
some useful basics like the container name. Then one may
use e.g.
Dear Hans,
this is a FAQ here but -- as you already found -- not basically caused by LXC.
The software bridge will always choose the lowest MAC of the attached devices
or hold an explicit assigned (from the set of currently assigned devices) as
long as possible. In your case you either may set
yes and it does this. The point is that lxcbr0 is not tied to any
physical nic. So the first container you start, however high the
macaddr is, lxcbr0 takes its mac. If the next container gets a
lower macaddr, lxcbr0's macaddr drops.
This lxcbr0 is special to Ubuntu, right? And if not to a
Ok, who wants to be co-administrator of the mailing list ?
Tamas and Mike
--
Try New Relic Now We'll Send You this Cool Shirt
New Relic is the only SaaS-based application performance monitoring service
that delivers
Dear David,
this will require to persist the current power state of a container by some
kind of marker. A tricky way is to mark some container-related file, e.g. to
(miss-) use the sticky bit of the containers lxc configuration file or to put
some marker file into the containers rootfs.
This
TBH, I prefer the icon on the right, with boxes inside the monitor.
+1
Or what's about something with a container -- like
http://serverservice.sytes.net/wp-content/uploads/2012/06/lxc11.png
--
Everyone hates slow
Dear Mike,
Don't put an IP on the second (or further) bridges. Think about this bridges
configuration slot as an additional virtual interface card to connect your
hosts IP stack with this network. Said that, you will not be surprised that you
got two network interface devices and two default
... and if you don't like to deal with changing spanning trees or
broad/multicast storms I strongly recommend to let only *one* do any routing
for all - for the lxc host and for all other machines in the network. Of
course, this one is the (core) router.
Guido
-Original Message-
From:
Dear Miroslav,
please ensure that the syslog deamon within all containers don't log the kernel
logfile source. If you drain this source by more than one syslog process, the
log messages will spread over the different syslog files.
If you state what concrete syslog deamon you'll use, I may have
Dear Benoit,
Serge Hallyn suggested that 7b35f3d should fix my problem.
I noticed that.
Thanks for the tip. a careful analysis of netstat does not lead to think I
have remaining container connections.
I'm not using physical interfaces but instead of the default (veth and a number
of unkown
)
[...]
Sincerely
Guido
-Original Message-
From: Miroslav Lednicky [mailto:miroslav.ledni...@fnusa.cz]
Sent: Thursday, January 24, 2013 11:11 AM
To: Jäkel, Guido
Cc: 'lxc-users@lists.sourceforge.net'
Subject: Re: [Lxc-users] Syslog
Dear Guido,
I am using rsyslog and distribution Ubuntu
On the other hand, I *do* also feel that any services on the containers
ought to be robust to unavailability, so that startup order should not
matter.
Dear Serge,
yes - it's Xmas time, bells are ringing and all is warm and bright. ;)
Unfortunately, it matters to the greater part of software.
Hi all,
here my 5ct on auto start and start order: Because i'm using a farm of LXC
hosts where my containers may be spread over, i also need to persist the
preferred host of a container. This is currently stored in a separate
configuration file. Because this information should be easy
(1) I'm not sure you can do nfs-mount inside an lxc container
Yes, you can for the simplest solution.
But also, you can mount it on the host and propagate it (or any subtree, e.g.
for a concrete container) via an bind-mount to the container. If you have a lot
of containers, this will reduce
Dear Dan,
As a workaround you may use the following perl script written by Ullrich
Horlacher. It also demonstrates the basic idea where to get a containers uptime
from. Here he use a well known file, but I think one may also use the
information related to the containers init process.
So what happens with the container's when the Host OS gets an upgrade that
includes a new kernel? Are the containers stil
reachable, runable, etc? I guess what I'm asking is what happens?
Dear Brian,
a new kernel will be not become used until you boot the host. From that, after
an os
Dear developers,
I want to propose to change the default value of the temporal lxc pivot
directory from 'mnt' to '.lxc-mnt' or something unusual like that:
Right now, It takes me about an hour to trace down why I can successfully bind
mount some resource from the host to the container to
Dear Chris,
I think many of us have been caught out by this feature.
No need to get this number rising, right? ;)
I now set all my config files to use /mnt/.lxc/NAME as the lxc.pivotdir entry
for a container named NAME.
Do you choose the NAME postfix because in addition there's a possible
perhaps just using tempnam suffices.
Or the process id? To use something unique, but still related ...
--
Live Security Virtual Conference
Exclusive live event will cover all the ways today's security and
threat
I have a set up where there are multiple short lived containers (sharing the
same IP address) in a host.
Why? Don't do that.
I agree...what is your goal?
As others said, this is very free-spirited and typically only used in a high
availability cluster setup or other failover scenarios.
You
I know this is digression but I wondered if you could expand on this?
Perhaps if I explained our use case and tell me if I'm doing the right thing?
1. We create a new container
2. We want to bootstrap it with a puppet script (apt-get install puppet
puppet apply script.pp)
We see two
Executable name:
I would prefer several almost identical actions to be implemented in one
program with options instead of several almost identical programs. So I
say lxc-shutdown -r than lxc-reboot. But I have no problem with
lxc-shutdown doing -r based on argv0 as well as getopts. Everyone can
Can the host send a signal to the init's container? If yes, sysvinit
responds to SIGINT. Does upstart behave the same (e.g. process
control-alt-delete.conf when the signal is received)? It's set to
reboot by default, but perhaps there's some other signal than we can
use for shutdown?
SysVInit
After some experiments, upstart ignores SIGPWR, but still listens to
SIGINT, and killing the process from the host works. So modifying the
containter's control-alt-delete.conf to run shutdown -h instead of
shutdown -r can let the host tell the guest to shutdown cleanly.
Dear Fajar,
because a
Dear Arun,
You may also use a DHCP environment to setup the containers network IP,
routing, DNS-Servers etc. This approach will ease any changes of the network
infrastructure and will help you to make your templates more generic. For that,
you have the to assign a fix MAC address to the
Dear Patrick,
As I understand /dev/null isn't writable in your container. That's definitely a
wrong configuration.
Please check, that there is a real device node for /dev/null (and others) in
your container and you have it (and others) in the lxc device access control
list
Dear Michael,
I always hate replying to my own posts but I have stumbled onto some
interesting clarification as I've continued to play with this...
Below in-line.
[...]
Again a well-done investigation. For everyone who don't have the time to
carefully read this threads, i want to sum the
Hi all,
I am really very happy about the goal to get a virtualization solution
mainline, however, there a quite a few things I really hate
about LXC right now, and this is one:
Dear Christian,
because i'm using Gentoo too, I'll try to support you by direct mail
communication.
Guido
4. Which signal? SIGINT? SIGPWR? Both?
Does only work for init based systems, not for upstart, like Ubuntu!
Dear Derek,
Sending a SIGINT to init will invoke the alsctrldel entry of the /etc/inittab
. A SIGPWR will (in absence of /etc/powerfail) call the powerfail entry. In a
common
Looks like the cheap and easy to get OUI is 36 bits long, leaving only
12 bits for the user.
Is 4096 possible unique MAC's enough?
I appreciate the development to let LXC assign an usable random MAC with an
adequate prefix in the default case because this will fit for the most users
and use
I think there is about 80% overlap between the two projects but
enough differences to be interesting. I'll take a closer look at your
script looking for ideas I may have missed, and I invite you to do the same.
@Derek: well-spoken.
@Daniel Serge: Is there already something like a Wiki to
Problem solved.
/dev/rtc is only used to read the time.
To write the date and time the ioctl function settimeofday is used. To
prevent this you have to drop the capability sys_time
Dear sfrazt,
Good job! May you figure out if there are unwanted side effects if one may
drop the sys_time
Hi all,
is lxc-start threadsave, i.e. may a start up different containers in parallel?
Have I to apply a individual value for 'lxc.rootfs.mount', e.g. by use of the
process id or 'mktemp'. Or something else, more?
thanks
Guido
Is there a way to assign veth name(visible from the host) to be the same
each time the container boots ?
At the moment it is a random value like vethFFzyq2
Yes there is:
It's in the man page, but it's not written in bold letters ;)
man 5 lxc.conf
I wonder why it is not on the project page:
Hi all,
something related to the Howto detect we're a LXC Container is the question:
Howto detect from inside a container the name (or something equivalent) of the
machine we're hosted on? This might be of interest for administration level
scripts on setups like the one 'm going to use: It's a
UlliMy lxc meta-script creates /lxc/hostname inside the container at startup:
As a workaround my meta-scripts does something similar be able to re-start the
appropriate containers in case of a panic, powerfail or similar on the
supporting host. But IMHO it's in the concern of basic lxc and not
Hi,
i have tried to find an rfc about this but have failed, instead, the
only (serious/credible) documentation i could find was
http://wiki.xen.org/xenwiki/XenNetworking#head-d5446face7e308f577e5aee1c72cf9d156903722
,
so i updated the script accordingly, here is the updated patch.
again,
Dear
Dear John,
- generate random mac address for the guest so it gets always the same
lease from a dhcp server
You suggest doing this by
macaddr=$(echo -n 00; hexdump -n 5 -v -e '/1 :%02X' /dev/urandom)
I think this is a little bit to random. The german Wikipedia tells at
Hi,
i was facing a similar problem with ipv6 with a 2.6.36 kernel.
What's the similarity?
Bug was corrected in the 2.6.36-rc4.
But, maybe it's not the same?
What's the kernel version?
2.6.37-gentoo
--
Free Software
48 matches
Mail list logo